Online transactions are now widely used to effect electronic commerce (e-commerce). One common type of online transaction involves an electronic payment by a first party to a second party, for example, to purchase goods or services. This electronic payment is typically effected by the first party entering payment card information at his/her computer. Information pertaining to the online transaction attempted to be made, including the entered payment card information, is transmitted over a computer network (e.g., the Internet) and a financial network to different computers which process this information in order to approve or deny the online transaction. Approval or denial of the online transaction is communicated to the first party via his/her computer and, if approved, settlement of the online transaction takes place between the first party's card issuing bank and the second party's acquiring bank.
While computer networking makes online transactions convenient and efficient, it also exposes a potential for fraudulent activity and thus one major area of interest with online transactions is fraud prevention. Accordingly, various security measures have been implemented to counter fraudulent online transactions. Example security measures include data encryption, card security code (CSC) verification (where an individual attempting to make an online transaction using a payment card is asked to enter the payment card's CSC), and address verification systems (AVS—where an address entered by an individual attempting to make an online transaction using a payment card is compared to a billing address known to the payment card's issuing bank).
Although such security measures help reduce the potential for fraud to a certain degree, they do not insulate online transactions from equally—if not more—severe forms of attack, including conventional theft of physical cards and the emerging threat posed by identity theft. As the volume of online transactions continues to grow, there is clearly a pressing need in the industry to combat online fraud more effectively than has been done in the past.